In a recent note, john gilmore said:
> Date: Mon, 19 Dec 2005 19:04:43 +0000
>
> Shiaoyun Wang has done it again! After breaking MD5 last year, she has now
> broken SHA-1. The NSA's own pridefully recommended encryption system now
> affords not even minimal security.
>
> Look to the situations in which you are using it, directly or at one remove.
>
From:
Linkname: Schneier on Security: New Cryptanalytic Results Against SHA-1
URL: http://www.schneier.com/blog/archives/2005/08/new_cryptanalyt.html
Shamir presented few details -- and there's no paper -- but the time
complexity of the new attack is 2^63. (Their previous result was 2^69;
brute force is 2^80.) He did say that he expected Wang and her students
to improve this result over the next few months. The modifications to
their published attack are still new, and more improvements are likely
over the next several months. There is no reason to believe that 2^63 is
anything like a lower limit.
But an attack that's faster than 2^64 is a significant milestone. We've
already done massive computations with complexity 2^64. Now that the
SHA-1 collision search is squarely in the realm of feasibility, some
research group will try to implement it. Writing working software will
both uncover hidden problems with the attack, and illuminate hidden
improvements. And while a paper describing an attack against SHA-1 is
damaging, software that produces actual collisions is even more so.
This is far from the Holy Grail of cryptanalysis, the "preimage",
the ability to generate a message given the hash code.
And I wonder, given an engine that enumerateS 2^63 160-bit bit
strings and the presumption that two are identical, how does one
locate the duplicates? Sort and look for a repeat?
-- gil
--
StorageTek
INFORMATION made POWERFUL
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html
